Got a website using the WordPress software?

There's another major attempt to hack WordPress-based sites going on at the moment - my setup is banning at least one IP address from accessing the server every minute.

If you have a WP site and you don't have something watching out for brute force attempts to get access to it, it's time to do so... before it's not your site any more.

The 'Limit Login Attempts' plugin is a start, but the real solution is something like fail2ban on the server, looking for all sorts of attacks.

This entry was originally posted at http://lovingboth.dreamwidth.org/548766.html, because despite having a permanent account, I have had enough of LJ's current owners trying to be evil. Please comment there using OpenID - have and if you have an LJ account, you can use it for your OpenID account. Or just join Dreamwidth! It only took a couple of minutes to copy all my entries here to there.